- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 06:53 AM
Fuji release, patch4.
I want to update record in oauth_entity table from include script, but I get the error:
Security restricted: Read operation against 'oauth_entity' from scope "x_my_scope" has been refused due to the table's cross-scope access policy
The Fix Script looks like a possible workaround and I can update the record from the Fix Script.
Do limitations present in scoped applications somehow apply to Fix Scripts? (or will apply in next Fuji releases?)
I would like to know whether it is safe to rely on Fix Scripts.
Solved! Go to Solution.
- Labels:
-
Integrations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 11:51 AM
Last I tested, fix scripts run in the context of the app scope they belong to. This makes sense, otherwise it would be a security flaw if they let an app modify an out-of-scope table the is set to prevent access.
Here's a write up I did a while ago.
FujiForty - Get Your Fix — CAVUCode
It sounds like you'll need to have the customer manually make the change, or provide them an update set that will make the change for them since you won't be able to modify them from you app.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 07:30 AM
Hi,
I guess by Fix Script you mean the script include in the same scope of your table to be updated.
This is not a workaround but it the application data security feature added in fuji.
It will restrict to access data of one scoped application from another.
So you can rely on it.
Thanks,
Tanaji
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 07:43 AM
By Fix Script I mean Fix Scripts - ServiceNow Wiki
From Fix Script I can update records which I can't update from include script.
So, I think that Include Script and Fix Script are handled differently.
But I do not know how exactly.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 11:51 AM
Last I tested, fix scripts run in the context of the app scope they belong to. This makes sense, otherwise it would be a security flaw if they let an app modify an out-of-scope table the is set to prevent access.
Here's a write up I did a while ago.
FujiForty - Get Your Fix — CAVUCode
It sounds like you'll need to have the customer manually make the change, or provide them an update set that will make the change for them since you won't be able to modify them from you app.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-28-2015 01:02 PM
John, thank you so much. That is what I was looking for. From the SN wiki it is not clear, how Fix Scripts work within scoped applications. But your write up makes it easy to understand.
